mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
active probe
git-svn-id: file:///svn/unbound/trunk@1802 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
0a35d358ee
commit
415236c002
11 changed files with 107 additions and 12 deletions
|
|
@ -1168,7 +1168,6 @@ do_flush_zone(SSL* ssl, struct worker* worker, char* arg)
|
|||
int nmlabs;
|
||||
size_t nmlen;
|
||||
struct del_info inf;
|
||||
int idx;
|
||||
if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
|
||||
return;
|
||||
/* delete all RRs and key entries from zone */
|
||||
|
|
@ -1188,10 +1187,9 @@ do_flush_zone(SSL* ssl, struct worker* worker, char* arg)
|
|||
slabhash_traverse(worker->env.msg_cache, 1, &zone_del_msg, &inf);
|
||||
|
||||
/* and validator cache */
|
||||
idx = modstack_find(&worker->daemon->mods, "validator");
|
||||
if(idx != -1) {
|
||||
struct val_env* ve = (struct val_env*)worker->env.modinfo[idx];
|
||||
slabhash_traverse(ve->kcache->slab, 1, &zone_del_kcache, &inf);
|
||||
if(worker->env.key_cache) {
|
||||
slabhash_traverse(worker->env.key_cache->slab, 1,
|
||||
&zone_del_kcache, &inf);
|
||||
}
|
||||
|
||||
free(nm);
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
1 September 2009: Wouter
|
||||
- testbound variable arithmetic.
|
||||
- autotrust probe time is randomised.
|
||||
- autotrust: the probe is active and does not fetch from cache.
|
||||
|
||||
31 August 2009: Wouter
|
||||
- testbound variable processing.
|
||||
|
|
|
|||
|
|
@ -460,11 +460,21 @@ static void
|
|||
time_passes(struct replay_runtime* runtime, struct replay_moment* mom)
|
||||
{
|
||||
struct fake_timer *t;
|
||||
timeval_add(&runtime->now_tv, &mom->elapse);
|
||||
struct timeval tv = mom->elapse;
|
||||
if(mom->string) {
|
||||
char* xp = macro_process(runtime->vars, runtime, mom->string);
|
||||
double sec;
|
||||
if(!xp) fatal_exit("could not macro expand %s", mom->string);
|
||||
verbose(VERB_ALGO, "EVAL %s", mom->string);
|
||||
sec = atof(xp);
|
||||
tv.tv_sec = (int)sec;
|
||||
tv.tv_usec = (int)((sec - (double)tv.tv_sec) *1000000. + 0.5);
|
||||
}
|
||||
timeval_add(&runtime->now_tv, &tv);
|
||||
runtime->now_secs = (uint32_t)runtime->now_tv.tv_sec;
|
||||
#ifndef S_SPLINT_S
|
||||
log_info("elapsed %d.%6.6d now %d.%6.6d",
|
||||
(int)mom->elapse.tv_sec, (int)mom->elapse.tv_usec,
|
||||
(int)tv.tv_sec, (int)tv.tv_usec,
|
||||
(int)runtime->now_tv.tv_sec, (int)runtime->now_tv.tv_usec);
|
||||
#endif
|
||||
/* see if any timers have fired; and run them */
|
||||
|
|
|
|||
|
|
@ -301,6 +301,16 @@ replay_moment_read(char* remain, FILE* in, const char* name, int* lineno,
|
|||
mom->evt_type = repevt_timeout;
|
||||
} else if(parse_keyword(&remain, "TIME_PASSES")) {
|
||||
mom->evt_type = repevt_time_passes;
|
||||
while(isspace((int)*remain))
|
||||
remain++;
|
||||
if(parse_keyword(&remain, "EVAL")) {
|
||||
while(isspace((int)*remain))
|
||||
remain++;
|
||||
mom->string = strdup(remain);
|
||||
if(!mom->string) fatal_exit("out of memory");
|
||||
mom->string[strlen(mom->string)-1]=0;
|
||||
remain += strlen(mom->string);
|
||||
}
|
||||
} else if(parse_keyword(&remain, "CHECK_AUTOTRUST")) {
|
||||
mom->evt_type = repevt_autotrust_check;
|
||||
while(isspace((int)*remain))
|
||||
|
|
|
|||
|
|
@ -69,6 +69,7 @@
|
|||
* o TIMEOUT
|
||||
* o TIME_PASSES ELAPSE [seconds] - increase 'now' time counter, can be
|
||||
* a floating point number.
|
||||
* TIME_PASSES EVAL [macro] - expanded for seconds to move time.
|
||||
* o CHECK_AUTOTRUST [id] - followed by FILE_BEGIN [to match] FILE_END.
|
||||
* The file contents is macro expanded before match.
|
||||
* o ERROR
|
||||
|
|
|
|||
38
testdata/autotrust_init.rpl
vendored
38
testdata/autotrust_init.rpl
vendored
|
|
@ -156,4 +156,42 @@ FILE_BEGIN
|
|||
example.com. 10800 IN DNSKEY 257 3 5 AwEAAc3Z5DQDJpH4oPdNtC4BUQHk50XMD+dHr4r8psHmivIa83hxR5CRgCtd9sENCW9Ae8OIO19xw9t/RPaEAqQa+OE= ;{id = 55582 (ksk), size = 512b} ;;state=2 [ VALID ] ;;count=0 ;;lastchange=1251100000 ;;Mon Aug 24 09:46:40 2009
|
||||
FILE_END
|
||||
|
||||
; wait and see if autotrust probes (the unchanged) domain again.
|
||||
STEP 40 TIME_PASSES EVAL ${$probe}
|
||||
|
||||
; do something to make time pass so that processing is performed.
|
||||
STEP 50 QUERY
|
||||
ENTRY_BEGIN
|
||||
REPLY RD DO
|
||||
SECTION QUESTION
|
||||
. IN NS
|
||||
ENTRY_END
|
||||
|
||||
STEP 60 CHECK_ANSWER
|
||||
ENTRY_BEGIN
|
||||
MATCH all
|
||||
REPLY QR RD RA NOERROR
|
||||
SECTION QUESTION
|
||||
. IN NS
|
||||
SECTION ANSWER
|
||||
. 3600 IN NS k.root-servers.net.
|
||||
SECTION ADDITIONAL
|
||||
k.root-servers.net. 3600 IN A 193.0.14.129
|
||||
ENTRY_END
|
||||
|
||||
STEP 65 ASSIGN probe2 = ${timeout}
|
||||
|
||||
STEP 70 CHECK_AUTOTRUST example.com
|
||||
FILE_BEGIN
|
||||
; autotrust trust anchor file
|
||||
;;id: example.com. 1
|
||||
;;last_queried: ${time} ;;${ctime ${time}}
|
||||
;;last_success: ${time} ;;${ctime ${time}}
|
||||
;;next_probe_time: ${$t0 + $probe + $probe2} ;;${ctime $t0 + $probe + $probe2}
|
||||
;;query_failed: 0
|
||||
;;query_interval: 5400
|
||||
;;retry_time: 3600
|
||||
example.com. 10800 IN DNSKEY 257 3 5 AwEAAc3Z5DQDJpH4oPdNtC4BUQHk50XMD+dHr4r8psHmivIa83hxR5CRgCtd9sENCW9Ae8OIO19xw9t/RPaEAqQa+OE= ;{id = 55582 (ksk), size = 512b} ;;state=2 [ VALID ] ;;count=0 ;;lastchange=1251100000 ;;Mon Aug 24 09:46:40 2009
|
||||
FILE_END
|
||||
|
||||
SCENARIO_END
|
||||
|
|
|
|||
|
|
@ -46,6 +46,7 @@
|
|||
#include "util/data/msgparse.h"
|
||||
struct alloc_cache;
|
||||
struct rrset_cache;
|
||||
struct key_cache;
|
||||
struct config_file;
|
||||
struct slabhash;
|
||||
struct query_info;
|
||||
|
|
@ -77,6 +78,8 @@ struct module_env {
|
|||
struct rrset_cache* rrset_cache;
|
||||
/** shared infrastructure cache (edns, lameness) */
|
||||
struct infra_cache* infra_cache;
|
||||
/** shared key cache */
|
||||
struct key_cache* key_cache;
|
||||
|
||||
/* --- services --- */
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -54,6 +54,8 @@
|
|||
#include "util/random.h"
|
||||
#include "util/data/msgparse.h"
|
||||
#include "services/mesh.h"
|
||||
#include "services/cache/rrset.h"
|
||||
#include "validator/val_kcache.h"
|
||||
#include "daemon/worker.h"
|
||||
|
||||
/** number of times a key must be seen before it can become valid */
|
||||
|
|
@ -1630,12 +1632,13 @@ int autr_process_prime(struct module_env* env, struct val_env* ve,
|
|||
return 1; /* trust point unchanged, so exists */
|
||||
}
|
||||
|
||||
autr_cleanup_keys(tp);
|
||||
if(!set_next_probe(env, tp, dnskey_rrset))
|
||||
return 0; /* trust point does not exist */
|
||||
verbose(VERB_ALGO, "autotrust: write to disk");
|
||||
autr_write_file(env, tp);
|
||||
if(changed) {
|
||||
autr_cleanup_keys(tp);
|
||||
if(!set_next_probe(env, tp, dnskey_rrset))
|
||||
return 0; /* trust point does not exist */
|
||||
verbose(VERB_ALGO, "autotrust: point changed, write to disk");
|
||||
autr_write_file(env, tp);
|
||||
verbose(VERB_ALGO, "autotrust: changed, reassemble");
|
||||
if(!autr_assemble(tp)) {
|
||||
log_err("malloc failure assembling autotrust keys");
|
||||
return 1; /* unchanged */
|
||||
|
|
@ -1777,6 +1780,15 @@ probe_anchor(struct module_env* env, struct trust_anchor* tp)
|
|||
|
||||
/* can't hold the lock while mesh_run is processing */
|
||||
lock_basic_unlock(&tp->lock);
|
||||
|
||||
/* delete the DNSKEY from rrset and key cache so an active probe
|
||||
* is done. First the rrset so another thread does not use it
|
||||
* to recreate the key entry in a race condition. */
|
||||
rrset_cache_remove(env->rrset_cache, qinfo.qname, qinfo.qname_len,
|
||||
qinfo.qtype, qinfo.qclass, 0);
|
||||
key_cache_remove(env->key_cache, qinfo.qname, qinfo.qname_len,
|
||||
qinfo.qclass);
|
||||
|
||||
if(!mesh_new_callback(env->mesh, &qinfo, qflags, &edns, buf, 0,
|
||||
&probe_answer_cb, env)) {
|
||||
log_err("out of memory making 5011 probe");
|
||||
|
|
|
|||
|
|
@ -152,3 +152,14 @@ key_cache_get_mem(struct key_cache* kcache)
|
|||
return sizeof(*kcache) + slabhash_get_mem(kcache->slab);
|
||||
}
|
||||
|
||||
void key_cache_remove(struct key_cache* kcache,
|
||||
uint8_t* name, size_t namelen, uint16_t key_class)
|
||||
{
|
||||
struct key_entry_key lookfor;
|
||||
lookfor.entry.key = &lookfor;
|
||||
lookfor.name = name;
|
||||
lookfor.namelen = namelen;
|
||||
lookfor.key_class = key_class;
|
||||
key_entry_hash(&lookfor);
|
||||
slabhash_remove(kcache->slab, lookfor.entry.hash, &lookfor);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -78,6 +78,16 @@ void key_cache_delete(struct key_cache* kcache);
|
|||
*/
|
||||
void key_cache_insert(struct key_cache* kcache, struct key_entry_key* kkey);
|
||||
|
||||
/**
|
||||
* Remove an entry from the key cache.
|
||||
* @param kcache: the key cache.
|
||||
* @param name: for what name to look; uncompressed wireformat
|
||||
* @param namelen: length of the name.
|
||||
* @param key_class: class of the key.
|
||||
*/
|
||||
void key_cache_remove(struct key_cache* kcache,
|
||||
uint8_t* name, size_t namelen, uint16_t key_class);
|
||||
|
||||
/**
|
||||
* Lookup key entry in the cache. Looks up the closest key entry above the
|
||||
* given name.
|
||||
|
|
|
|||
|
|
@ -118,6 +118,7 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env,
|
|||
log_err("out of memory");
|
||||
return 0;
|
||||
}
|
||||
env->key_cache = val_env->kcache;
|
||||
if(!anchors_apply_cfg(env->anchors, cfg)) {
|
||||
log_err("validator: error in trustanchors config");
|
||||
return 0;
|
||||
|
|
|
|||
Loading…
Reference in a new issue